idnits 2.17.1 draft-ietf-pce-inter-layer-frwk-07.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 22. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 1448. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 1424. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 1431. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 1437. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (June 2008) is 5787 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- No issues found here. Summary: 2 errors (**), 0 flaws (~~), 1 warning (==), 7 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group E. Oki 3 Internet Draft NTT 4 Category: Informational Tomonori Takeda 5 Expires: December 2008 NTT 6 J-L Le Roux 7 France Telecom 8 A. Farrel 9 Old Dog Consulting 10 June 2008 12 Framework for PCE-Based Inter-Layer MPLS and GMPLS Traffic 13 Engineering 15 draft-ietf-pce-inter-layer-frwk-07.txt 17 Status of this Memo 19 By submitting this Internet-Draft, each author represents that any 20 applicable patent or other IPR claims of which he or she is aware 21 have been or will be disclosed, and any of which he or she becomes 22 aware will be disclosed, in accordance with Section 6 of BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF), its areas, and its working groups. Note that 26 other groups may also distribute working documents as Internet- 27 Drafts. 29 Internet-Drafts are draft documents valid for a maximum of six 30 months and may be updated, replaced, or obsoleted by other documents 31 at any time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 The list of current Internet-Drafts can be accessed at 35 http://www.ietf.org/ietf/1id-abstracts.txt. 37 The list of Internet-Draft Shadow Directories can be accessed at 38 http://www.ietf.org/shadow.html. 40 Abstract 42 A network may comprise multiple layers. It is important to globally 43 optimize network resource utilization, taking into account all 44 layers, rather than optimizing resource utilization at each layer 45 independently. This allows better network efficiency to be achieved 46 through a process that we call inter-layer traffic engineering. The 47 Path Computation Element (PCE) can be a powerful tool to achieve 48 inter-layer traffic engineering. 50 This document describes a framework for applying the PCE-based 51 architecture to inter-layer Multiprotocol Label Switching (MPLS) and 52 Generalized MPLS (GMPLS) traffic engineering. It provides 53 suggestions for the deployment of PCE in support of multi-layer 54 networks. This document also describes network models where PCE 55 performs inter-layer traffic engineering, and the relationship 56 between PCE and a functional component called the Virtual Network 57 Topology Manager (VNTM). 59 Table of Contents 61 1. Introduction....................................................3 62 1.1. Terminology..................................................4 63 2. Inter-Layer Path Computation....................................4 64 3. Inter-Layer Path Computation Models.............................6 65 3.1. Single PCE Inter-Layer Path Computation......................6 66 3.2. Multiple PCE Inter-Layer Path Computation....................7 67 3.3. General Observations.........................................8 68 4. Inter-Layer Path Control........................................9 69 4.1. VNT Management...............................................9 70 4.2. Inter-Layer Path Control Models..............................9 71 4.2.1. PCE-VNTM Cooperation Model.................................9 72 4.2.2. Higher-Layer Signaling Trigger Model......................11 73 4.2.3. NMS-VNTM Cooperation Model................................15 74 4.2.4. Possible Combinations of Inter-Layer Path Computation and 75 Inter-Layer Path Control Models...................................17 76 5. Choosing Between Inter-Layer Path Control Models...............18 77 5.1. VNTM Functions..............................................18 78 5.2. Border LSR Functions........................................19 79 5.3. Complete Inter-Layer LSP Setup Time.........................19 80 5.4. Network Complexity..........................................20 81 5.5. Separation of Layer Management..............................20 82 6. Stability Considerations.......................................21 83 7. Manageability Considerations...................................22 84 7.1. Control of Function and Policy..............................22 85 7.1.1. Control of Inter-Layer Computation Function...............22 86 7.1.2. Control of Per-Layer Policy...............................22 87 7.1.3. Control of Inter-Layer Policy.............................23 88 7.2. Information and Data Models.................................23 89 7.3. Liveness Detection and Monitoring...........................24 90 7.4. Verifying Correct Operation.................................24 91 7.5. Requirements on Other Protocols and Functional Components...25 92 7.6. Impact on Network Operation.................................25 93 8. Security Considerations........................................25 95 Oki et al Expires December 2008 2 97 9. Acknowledgments................................................27 98 10. References...................................................27 99 10.1. Normative Reference.........................................27 100 10.2. Informative Reference.......................................27 101 11. Authors's Addresses..........................................28 102 12. Intellectual Property Statement..............................29 104 1. Introduction 106 A network may comprise multiple layers. These layers may represent 107 separations of technologies (e.g., packet switch capable (PSC), time 108 division multiplex (TDM), or lambda switch capable (LSC)) [RFC3945], 109 separation of data plane switching granularity levels (e.g., PSC-1, 110 PSC-2, VC4, or VC12) [MLN-REQ], or a distinction between client and 111 server networking roles. In this multi-layer network, Label Switched 112 Paths (LSPs) in a lower layer are used to carry higher-layer LSPs 113 across the lower-layer network. The network topology formed by 114 lower-layer LSPs and advertised as traffic engineering links (TE 115 links) in the higher layer network is called the Virtual Network 116 Topology (VNT) [MLN-REQ]. 118 It may be effective to optimize network resource utilization 119 globally, i.e., taking into account all layers, rather than 120 optimizing resource utilization at each layer independently. This 121 allows better network efficiency to be achieved and is what we call 122 inter-layer traffic engineering. This includes mechanisms allowing 123 the computation of end-to-end paths across layers (known as inter- 124 layer path computation), and mechanisms for control and management 125 of the Virtual Network Topology (VNT) by setting up and releasing 126 LSPs in the lower layers [MLN-REQ]. 128 Inter-layer traffic engineering is included in the scope of the Path 129 Computation Element (PCE)-based architecture [RFC4655], and PCE can 130 provide a suitable mechanism for resolving inter-layer path 131 computation issues. 133 PCE Communication Protocol requirements for inter-layer traffic 134 engineering are set out in [PCE-INTER-LAYER-REQ]. 136 This document describes a framework for applying the PCE-based 137 architecture to inter-layer traffic engineering. It provides 138 suggestions for the deployment of PCE in support of multi-layer 139 networks. This document also describes network models where PCE 140 performs inter-layer traffic engineering, and the relationship 141 between PCE and a functional component in charge of the control and 142 management of the VNT, called the Virtual Network Topology Manager 143 (VNTM). 145 Oki et al Expires December 2008 3 147 1.1. Terminology 149 This document uses terminology from the PCE-based path computation 150 architecture [RFC4655] and also common terminology from Multi 151 Protocol Label Switching (MPLS) [RFC3031], Generalized MPLS (GMPLS) 152 [RFC3945], and Multi-Layer Networks [MLN-REQ]. 154 2. Inter-Layer Path Computation 156 This section describes key topics of inter-layer path computation in 157 MPLS and GMPLS networks. 159 [RFC4206] defines a way to signal a higher-layer LSP, which has an 160 explicit route that includes hops traversed by LSPs in lower layers. 161 The computation of end-to-end paths across layers is called Inter- 162 Layer Path Computation. 164 A Label Switching Router (LSR) in the higher-layer might not have 165 information on the topology of the lower-layer, particularly in an 166 overlay or augmented model deployment, and hence may not be able to 167 compute an end-to-end path across layers. 169 PCE-based Inter-Layer Path Computation consists of using one or more 170 PCEs to compute an end-to-end path across layers. This could be 171 achieved by a single PCE path computation where the PCE has topology 172 information about multiple layers and can directly compute an end- 173 to-end path across layers considering the topology of all of the 174 layers. Alternatively, the inter-layer path computation could be 175 performed as a multiple PCE computation where each member of a set 176 of PCEs has information about the topology of one or more layers 177 (but not all layers), and the PCEs collaborate to compute an end-to- 178 end path. 180 ----- ----- ----- ----- 181 | LSR |--| LSR |................| LSR |--| LSR | 182 | H1 | | H2 | | H3 | | H4 | 183 ----- -----\ /----- ----- 184 \----- -----/ 185 | LSR |--| LSR | 186 | L1 | | L2 | 187 ----- ----- 189 Figure 1 - A Simple Example of a Multi-Layer Network. 191 Consider, for instance, the two-layer network shown in Figure 1, 192 where the higher-layer network is a packet-based IP/MPLS or GMPLS 193 network (LSRs H1, H2, H3, and H4), and the lower-layer network 194 (LSRs, H2, L1, L2, and H3) is a GMPLS optical network. An ingress 195 LSR in the higher-layer network (H1) tries to set up an LSP to an 197 Oki et al Expires December 2008 4 198 egress LSR (H4) also in the higher-layer network across the lower- 199 layer network, and needs a path in the higher-layer network. However, 200 suppose that there is no TE link in the higher-layer network between 201 the border LSRs located on the boundary between the higher-layer and 202 lower-layer networks (H2 and H3). Suppose also that the ingress LSR 203 does not have topology visibility into the lower layer. If a single- 204 layer path computation is applied in the higher-layer, the path 205 computation fails because of the missing TE link. On the other hand, 206 inter-layer path computation is able to provide a route in the 207 higher-layer (H1-H2-H3-H4) and a suggestion that a lower-layer LSP 208 be set up between the border LSRs (H2-L1-L2-H3). 210 Lower-layer LSPs that are advertised as TE links into the higher- 211 layer network form a Virtual Network Topology (VNT) that can be used 212 for routing higher-layer LSPs. Inter-layer path computation for end- 213 to-end LSPs in the higher-layer network that span the lower-layer 214 network may utilize the VNT, and PCE is a candidate for computing 215 the paths of such higher-layer LSPs within the higher-layer network. 216 Alternatively, the PCE-based path computation model can: 218 - Perform a single computation on behalf of the ingress LSR using 219 information gathered from more than one layer. This mode is referred 220 to as Single PCE Computation in [RFC4655]. 222 - Compute a path on behalf of the ingress LSR through cooperation 223 with PCEs responsible for each layer. This mode is referred to as 224 Multiple PCE Computation with inter-PCE communication in [RFC4655]. 226 - Perform separate path computations on behalf of the TE-LSP head- 227 end and each transit border LSR that is the entry point to a new 228 layer. This mode is referred to as Multiple PCE Computation (without 229 inter-PCE communication) in [RFC4655]. This option utilizes per- 230 layer path computation performed independently by successive PCEs. 232 The PCE invoked by the head-end LSR computes a path that the LSR can 233 use to signal an MPLS-TE or GMPLS LSP once the path information has 234 been converted to an Explicit Route Object (ERO) for use in RSVP-TE 235 signaling. There are two options. 237 - Option 1: Mono-layer path. 238 The PCE computes a "mono-layer" path, i.e., a path that includes 239 only TE links from the same layer. There are two cases for this 240 option. In the first case the PCE computes a path that includes 241 already established lower-layer LSPs or lower-layer LSPs to be 242 established on demand. That is, the resulting ERO includes sub- 243 object(s) corresponding to lower-layer hierarchical LSPs expressed 244 as the TE link identifiers of the hierarchical LSPs when advertised 245 as TE links in the higher-layer network. The TE link may be a 246 regular TE link that is actually established, or a virtual TE link 248 Oki et al Expires December 2008 5 249 that is not established yet (see [MLN-REQ]). If it is a virtual TE 250 link, this triggers a setup attempt for a new lower-layer LSP when 251 signaling reaches the head-end of the lower-layer LSP. Note that the 252 path of a virtual TE link is not necessarily known in advance, and 253 this may require a further (lower-layer) path computation. 255 The second case is that the PCE computes a path that includes a 256 loose hop that spans the lower-layer network. The higher layer path 257 computation selects which lower layer network to use, and selects 258 the entry and exit points of that lower-layer network, but does not 259 select the path across the lower-layer network. A transit LSR that 260 is the entry point to the lower-layer network is expected to expand 261 the loose hop (either itself or relying on the services of a PCE). 262 The path expansion process on the border LSR may result either in 263 the selection of an existing lower-layer LSP, or in the computation 264 and setup of a new lower-layer LSP. 266 - Option 2: Multi-layer path. 267 The PCE computes a "multi-layer" path, i.e., a path that includes TE 268 links from distinct layers [RFC4206]. Such a path can include the 269 complete path of one or more lower-layer LSPs that already exist or 270 are not yet established. In the latter case, the signaling of the 271 higher-layer LSP will trigger the establishment of the lower-layer 272 LSPs. 274 3. Inter-Layer Path Computation Models 276 As stated in Section 2, two PCE modes defined in the PCE 277 architecture can be used to perform inter-layer path computation. 278 They are discussed in the sections that follow. 280 3.1. Single PCE Inter-Layer Path Computation 282 In this model inter-layer path computation is performed by a single 283 PCE that has topology visibility into all layers. Such a PCE is 284 called a multi-layer PCE. 286 In Figure 2, the network is comprised of two layers. LSRs H1, H2, H3, 287 and H4 belong to the higher layer, and LSRs H2, H3, L1, and L2 288 belong to the lower layer. The PCE is a multi-layer PCE that has 289 visibility into both layers. It can perform end-to-end path 290 computation across layers (single PCE path computation). For 291 instance, it can compute an optimal path H1-H2-L1-L2-H3-H4, for a 292 higher layer LSP from H1 to H4. This path includes the path of a 293 lower layer LSP from H2 to H3, already in existence or not yet 294 established. 296 ----- 298 Oki et al Expires December 2008 6 299 | PCE | 300 ----- 301 ----- ----- ----- ----- 302 | LSR |--| LSR |................| LSR |--| LSR | 303 | H1 | | H2 | | H3 | | H4 | 304 ----- -----\ /----- ----- 305 \----- -----/ 306 | LSR |--| LSR | 307 | L1 | | L2 | 308 ----- ----- 310 Figure 2: Single PCE Inter-Layer Path Computation 312 3.2. Multiple PCE Inter-Layer Path Computation 314 In this model there is at least one PCE per layer, and each PCE has 315 topology visibility restricted to its own layer. Some providers may 316 want to keep the layer boundaries due to factors such as 317 organizational and/or service management issues. The choice for 318 multiple PCE computation instead of single PCE computation may also 319 be driven by scalability considerations, as in this mode a PCE only 320 needs to maintain topology information for one layer (resulting in a 321 size reduction for the Traffic Engineering Database (TED)). 323 These PCEs are called mono-layer PCEs. Mono-layer PCEs collaborate 324 to compute an end-to-end optimal path across layers. 326 Figure 3 shows multiple PCE inter-layer computation with inter-PCE 327 communication. There is one PCE in each layer. The PCEs from each 328 layer collaborate to compute an end-to-end path across layers. PCE 329 Hi is responsible for computations in the higher layer and may 330 "consult" with PCE Lo to compute paths across the lower layer. PCE 331 Lo is responsible for path computation in the lower layer. A simple 332 example of cooperation between the PCEs could be as follows: 333 - LSR H1 sends a request for a path H1-H4 to PCE Hi 334 - PCE Hi selects H2 as the entry point to the lower layer, and H3 as 335 the exit point. 336 - PCE Hi requests a path H2-H3 from PCE Lo. 337 - PCE Lo returns H2-L1-L2-H3 to PCE Hi. 338 - PEC Hi is now able to compute the full path (H1-H2-L1-L2-H3-H4) 339 and return it to H1. 341 Of course, more complex cooperation may be required if an optimal 342 end-to-end path is desired. 344 ----- 345 | PCE | 346 | Hi | 348 Oki et al Expires December 2008 7 349 --+-- 350 | 351 ----- ----- | ----- ----- 352 | LSR |--| LSR |............|...........| LSR |--| LSR | 353 | H1 | | H2 | | | H3 | | H4 | 354 ----- -----\ --+-- /----- ----- 355 \ | PCE | / 356 \ | Lo | / 357 \ ----- / 358 \ / 359 \----- -----/ 360 | LSR |--| LSR | 361 | L1 | | L2 | 362 ----- ----- 364 Figure 3: Multiple PCE Inter-Layer Path Computation with Inter-PCE 365 Communication 367 Figure 4 shows multiple PCE inter-layer path computation without 368 inter-PCE communication. As described in Section 2, separate path 369 computations are performed on behalf of the TE-LSP head-end and each 370 transit border LSR that is the entry point to a new layer. 372 ----- 373 | PCE | 374 | Hi | 375 ----- 377 ----- ----- ----- ----- 378 | LSR |--| LSR |........................| LSR |--| LSR | 379 | H1 | | H2 | | H3 | | H4 | 380 ----- -----\ ----- /----- ----- 381 \ | PCE | / 382 \ | Lo | / 383 \ ----- / 384 \ / 385 \----- -----/ 386 | LSR |--| LSR | 387 | L1 | | L2 | 388 ----- ----- 390 Figure 4: Multiple PCE Inter-layer Path Computation Without Inter- 391 PCE Communication 393 3.3. General Observations 395 - Depending on implementation details, the time to perform inter- 396 layer path computation in the single PCE inter-layer path 397 computation model may be less than that of the multiple PCE model 399 Oki et al Expires December 2008 8 400 with cooperating mono-layer PCEs, because there is no requirement to 401 exchange messages between cooperating PCEs. 403 - When TE topology for all layer networks is visible within one 404 routing domain, the single PCE inter-layer path computation model 405 may be adopted because a PCE is able to collect all layers' TE 406 topologies by participating in only one routing domain. 408 - As the single PCE inter-layer path computation model uses more TE 409 topology information in one computation than is used by PCEs in the 410 multiple PCE path computation model, it requires more computation 411 power and memory. 413 When there are multiple candidate layer border nodes (we may say 414 that the higher layer is multi-homed), optimal path computation 415 requires that all the possible paths transiting different layer 416 border nodes or links be examined. This is relatively simple in the 417 single PCE inter-layer path computation model because the PCE has 418 full visibility - the computation is similar to the computation 419 within a single domain of a single layer. In the multiple PCE inter- 420 layer path computation model, backward recursive techniques 421 described in [BRPC] could be used, by considering layers as separate 422 domains. 424 4. Inter-Layer Path Control 426 4.1. VNT Management 428 As a result of mono-layer path computation, a PCE may determine that 429 there is insufficient bandwidth available in the higher-layer 430 network to support this or future higher-layer LSPs. The problem 431 might be resolved if new LSPs were provisioned across the lower- 432 layer network. Furthermore, the modification, re-organization and 433 new provisioning of lower-layer LSPs may enable better utilization 434 of lower-layer network resources given the demands of the higher- 435 layer network. In other words, the VNT needs to be controlled or 436 managed in cooperation with inter-layer path computation. 438 A VNT Manager (VNTM) is defined as a functional element that manages 439 and controls the VNT. PCE and VNT Manager are distinct functional 440 elements that may or may not be co-located. 442 4.2. Inter-Layer Path Control Models 444 4.2.1. PCE-VNTM Cooperation Model 446 ----- ------ 447 | PCE |--->| VNTM | 448 ----- ------ 450 Oki et al Expires December 2008 9 451 ^ : 452 : : 453 : : 454 v V 455 ----- ----- ----- ----- 456 | LSR |----| LSR |................| LSR |----| LSR | 457 | H1 | | H2 | | H3 | | H4 | 458 ----- -----\ /----- ----- 459 \----- -----/ 460 | LSR |--| LSR | 461 | L1 | | L2 | 462 ----- ----- 464 Figure 5: PCE-VNTM Cooperation Model 466 A multi-layer network consists of higher-layer and lower-layer 467 networks. LSRs H1, H2, H3, and H4 belong to the higher-layer network, 468 LSRs H2, L1, L2, and H3 belong to the lower-layer network, as shown 469 in Figure 5. The case of single PCE inter-layer path computation is 470 considered here to explain the cooperation model between PCE and 471 VNTM, but multiple PCE path computation with or without inter-PCE 472 communication can also be applied to this model. 474 Consider that H1 requests the PCE to compute an inter-layer path 475 between H1 and H4. There is no TE link in the higher-layer between 476 H2 and H3 before the path computation request, so the request fails. 477 But the PCE may provide information to the VNT Manager responsible 478 for the lower layer network that may help resolve the situation for 479 future higher-layer LSP setup. 481 The roles of PCE and VNTM are as follows. PCE performs inter-layer 482 path computation and is unable to supply a path because there is no 483 TE link between H2 and H3. The computation fails, but PCE suggests 484 to VNTM that a lower-layer LSP (H2-H3) could be established to 485 support future LSP requests. Messages from PCE to VNTM contain 486 information about the higher-layer demand (from H2 to H3), and may 487 include a suggested path in the lower layer (if the PCE has 488 visibility into the lower layer network). VNTM uses local policy and 489 possibly management/configuration input to determine how to process 490 the suggestion from PCE, and may request an ingress LSR (e.g. H2) to 491 establish a lower-layer LSP. VNTM or the ingress LSR (H2) may 492 themselves use a PCE with visibility into the lower layer to compute 493 the path of this new LSP. 495 When the higher-layer PCE fails to compute a path and notifies VNTM, 496 it may wait for the lower-layer LSP to be set up and advertised as a 497 TE link. PCE may have a timer. After TED is updated within a 498 specified duration, PCE will know a new TE link. It could then 499 compute the complete end-to-end path for the higher-layer LSP and 501 Oki et al Expires December 2008 10 502 return the result to the PCC. In this case, the PCC may be kept 503 waiting for some time, and it is important that the PCC understands 504 this. It is also important that the PCE and VNTM have an agreement 505 that the lower-layer LSP will be set up in a timely manner, or that 506 the PCE will be notified by VNTM that no new LSP will become 507 available. In any case, if the PCE decides to wait, it must operate 508 a timeout. An example of such a cooperative procedure between PCE 509 and VNTM is as follows using the example network in Figure 4. 511 Step 1: H1 (PCC) requests PCE to compute a path between H1 and H4. 513 Step 2: The path computation fails because there is no TE link 514 across the lower-layer network. 516 Step 3: PCE suggests to VNTM that a new TE link connecting H2 and H3 517 would be useful. The PCE notifies VNTM that it will be waiting for 518 the TE link to be created. VNTM considers whether lower-layer LSPs 519 should be established if necessary and if acceptable within VNTM's 520 policy constraints. 522 Step 4: VNTM requests an ingress LSR in the lower-layer network 523 (e.g., H2) to establish a lower-layer LSP. The request message may 524 include a lower-layer LSP route obtained from the PCE responsible 525 for the lower-layer network. 527 Step 5: The ingress LSR signals to establish the lower-layer LSP. 529 Step 6: If the lower-layer LSP setup is successful, the ingress LSR 530 notifies VNTM that the LSP is complete and supplies the tunnel 531 information. 533 Step 7: The ingress LSR (H2) advertises the new LSP as a TE link in 534 the higher-layer network routing instance. 536 Step 8: PCE notices the new TE link advertisement and recomputes the 537 requested path. 539 Step 9: PCE replies to H1 (PCC) with a computed higher-layer LSP 540 route. The computed path is categorized as a mono-layer path that 541 includes the already-established lower layer-LSP as a single hop in 542 the higher layer. The higher-layer route is specified as H1-H2-H3-H4, 543 where all hops are strict. 545 Step 9: H1 initiates signaling with the computed path H2-H3-H4 to 546 establish the higher-layer LSP. 548 4.2.2. Higher-Layer Signaling Trigger Model 550 ----- 552 Oki et al Expires December 2008 11 553 | PCE | 554 ----- 555 ^ 556 : 557 : 558 v 559 ----- ----- ----- ----- 560 | LSR |----| LSR |................| LSR |--| LSR | 561 | H1 | | H2 | | H3 | | H4 | 562 ----- -----\ /----- ----- 563 \----- -----/ 564 | LSR |--| LSR | 565 | L1 | | L2 | 566 ----- ----- 568 Figure 6: Higher-layer Signaling Trigger Model 570 Figure 6 shows the higher-layer signaling trigger model. The case of 571 single PCE path computation is considered to explain the higher- 572 layer signaling trigger model here, but multiple PCE path 573 computation with/without inter-PCE communication can also be applied 574 to this model. 576 As in the case described in Section 4.2.1, consider that H1 requests 577 PCE to compute a path between H1 and H4. There is no TE link in the 578 higher-layer between H2 and H3 before the path computation request. 580 PCE is unable to compute a mono-layer path, but may judge that the 581 establishment of a lower-layer LSP between H2 and H3 would provide 582 adequate connectivity. If the PCE has inter-layer visibility it may 583 return a path that includes hops in the lower layer (H1-H2-L1-L2-H3- 584 H4), but if it has no visibility into the lower layer, it may return 585 a path with a loose hop from H2 to H3 (H1-H2-H3(loose)-H4). The 586 former is a multi-layer path, and the latter a mono-layer path that 587 includes loose hops. 589 In the higher-layer signaling trigger model with a multi-layer path, 590 the LSP route supplied by the PCE includes the route of a lower- 591 layer LSP that is not yet established. A border LSR that is located 592 at the boundary between the higher-layer and lower-layer networks 593 (H2 in this example) receives a higher-layer signaling message, 594 notices that the next hop is in the lower-layer network, starts to 595 setup the lower-layer LSP as described in [RFC4206]. Note that these 596 actions depends on a policy being applied at the border LSR. An 597 example procedure of the signaling trigger model with a multi-layer 598 path is as follows. 600 Step 1: H1 (PCC) requests PCE to compute a path between H1 and H4. 601 The request indicates that inter-layer path computation is allowed. 603 Oki et al Expires December 2008 12 604 Step 2: As a result of the inter-layer path computation, PCE judges 605 that a new lower-layer LSP needs to be established. 607 Step 3: PCE replies to H1 (PCC) with a computed multi-layer route 608 including higher-layer and lower-layer LSP routes. The route may be 609 specified as H1-H2-L1-L2-H3-H4, where all hops are strict. 611 Step 4: H1 initiates higher-layer signaling using the computed 612 explicit router of H2-L1-L2-H3-H4. 614 Step 5: The border LSR (H2) that receives the higher-layer signaling 615 message starts lower-layer signaling to establish a lower-layer LSP 616 along the specified lower-layer route of H2-L1-L2-H3. That is, the 617 border LSR recognizes the hops within the explicit route that apply 618 to the lower-layer network, verifies with local policy that a new 619 LSP is acceptable, and establishes the required lower-layer LSP. 620 Note that it is possible that a suitable lower-layer LSP has already 621 been established (or become available) between the time that the 622 computation was performed and the moment when the higher-layer 623 signaling message reached the border LSR. In this case, the border 624 LSR may select such a lower-layer LSP without the need to signal a 625 new LSP provided that the lower-layer LSP satisfies the explicit 626 route in the higher-layer signaling request. 628 Step 6: After the lower-layer LSP is established, the higher-layer 629 signaling continues along the specified higher-layer route of H2-H3- 630 H4 using hierarchical signaling [RFC4206]. 632 On the other hand, in the signaling trigger model with a mono-layer 633 path, a higher-layer LSP route includes a loose hop to traverse the 634 lower-layer network between the two border LSRs. A border LSR that 635 receives a higher-layer signaling message needs to determine a path 636 for a new lower-layer LSP. It applies local policy to verify that a 637 new LSP is acceptable and then either consults a PCE with 638 responsibility for the lower-layer network or computes the path by 639 itself, and initiates signaling to establish the lower-layer LSP. 640 Again, it is possible that a suitable lower-layer LSP has already 641 been established (or become available). In this case, the border LSR 642 may select such a lower-layer LSP without the need to signal a new 643 LSP provided that the existing lower-layer LSP satisfies the 644 explicit route in the higher-layer signaling request. Since the 645 higher-layer signaling request used a loose hop without specifying 646 any specifics of the path within the lower-layer network, the border 647 LSR has greater freedom to choose a lower-layer LSP than in the 648 previous example. 650 Oki et al Expires December 2008 13 651 The difference between procedures of the signaling trigger model 652 with a multi-layer path and a mono-layer path is Step 5. Step 5 of 653 the signaling trigger model with a mono-layer path is as follows: 655 Step 5': The border LSR (H2) that receives the higher-layer 656 signaling message applies local policy to verify that a new LSP is 657 acceptable and then initiates establishment of a lower-layer LSP. It 658 either consults a PCE with responsibility for the lower-layer 659 network or computes the route by itself to expand the loose hop 660 route in the higher-layer path. 662 Finally, note that a virtual TE link may have been advertised into 663 the higher-layer network. This causes the PCE to return a path H1- 664 H2-H3-H4 where all the hops are strict. But when the higher-layer 665 signaling message reaches the layer border node H2 (that was 666 responsible for advertising the virtual TE link) it realizes that 667 the TE link does not exist yet, and signals the necessary LSP across 668 the lower-layer network using its own path determination (just as 669 for a loose hop in the higher layer) before continuing with the 670 higher-layer signaling. 672 PCE 673 ^ 674 : 675 : 676 V 677 H1--H2 H3--H4 678 \ / 679 L1==L2==L3--L4--L5 680 | 681 | 682 L6--L7 683 \ 684 H5--H6 686 Figure 7: Example of a Multi-Layer Network 688 Examples of multi-layer EROs are explained using Figure 7. It is 689 described how lower-layer LSP setup is performed in the higher-layer 690 signaling trigger model using an ERO that can include subobjects in 691 both the higher and lower layers. It gives rise to several options 692 for the ERO when it reaches the last LSR in the higher layer network 693 (H2). 694 1. The next subobject is a loose hop to H3 (mono layer ERO). 695 2. The next subobject is a strict hop to L1 followed by a loose hop 696 to H3. 697 3. The next subobjects are a series of hops (strict or loose) in the 698 lower-layer network followed by H3. For example, {L1(strict), 699 L3(loose), L5(loose), H3(strict)} 701 Oki et al Expires December 2008 14 702 In the first example, the lower layer can utilize any LSP tunnel 703 that will deliver the end-to-end LSP to H3. In the third case, the 704 lower layer must select an LSP tunnel that traverses L3 and L5. 705 However, this does not mean that the lower layer can or should use 706 an LSP from L1 to L3 and another from L3 to L5. 708 4.2.3. NMS-VNTM Cooperation Model 710 ----- 711 | NMS | 712 | | ----- 713 ----- | PCE | 714 ^ ^ | Hi | 715 : : ----- 716 : : ^ 717 : : : 718 : : : 719 : v v 720 : ------ ----- ----- ------ 721 : | LSR |--| LSR |........................| LSR |--| LSR | 722 : | H1 | | H2 | | H3 | | H4 | 723 : ------ -----\ /----- ------ 724 : ^ \ / 725 : : \ / 726 : -------- \ / 727 v : \ / 728 ------ ----- \----- -----/ 729 | VNTM |<-->| PCE | | LSR |--| LSR | 730 | | | Lo | | L1 | | L2 | 731 ------ ----- ----- ----- 733 Figure 8: NMS-VNTM Cooperation Model 735 Figure 8 show the Network Management System (NMS) in the NMS-VNTM 736 cooperation model. The NMS manages the higher layer. The case of 737 multiple PCE computation without inter-PCE communication is used to 738 explain the NMS-VNTM cooperation model here, but single PCE path 739 computation could also be applied to this model. Note that multiple 740 PCE path computation with inter-PCE communication does not fit in 741 with this model. 743 The NMS requests a head-end LSR (H1 in this example) to set up a 744 higher-layer LSP between head-end and tail-end LSRs without 745 specifying any route. The head-end LSR, which is a PCC, requests the 746 higher-layer PCE to compute a path between head-end and tail-end 747 LSRs. There is no TE link in the higher-layer between border LSRs 748 (H2 and H3 in this example). When the PCE fails to compute a path, 749 it informs the PCC (i.e., head-end LSR) that notifies the NMS. The 751 Oki et al Expires December 2008 15 752 notification may include the information that there is no TE link 753 between the border LSRs. 755 Note that it is equally valid for the higher-layer PCE to be 756 consulted by the NMS rather than by the head-end LSR. In this case, 757 the result is the same - the NMS discovers that an end-to-end LSP 758 cannot be provisioned owing to the lack of a TE link between H2 and 759 H3. 761 The NMS may now suggest (or request) to the VNTM that a lower-layer 762 LSP between the border LSRs could be established and could be 763 advertised as a TE link in the higher layer to support future 764 higher-layer LSP requests. The communication between the NMS and the 765 VNTM may be performed in an automatic manner or in a manual manner, 766 and is a key interaction between layers that may also be separate 767 administrative domains. Thus, this communication is potentially a 768 point of application of administrative, billing, and security policy. 769 The NMS may wait for the lower-layer LSP to be set up and advertised 770 as a TE link, or may reject the operator's request for the service 771 that requires the higher-layer LSP with a suggestion that the 772 operator tries again later. 774 The VNTM requests the lower-layer PCE to compute a path, and then 775 requests H2 to establish a lower-layer LSP. Alternatively, the VNTM 776 may make a direct request to H2 for the LSP, and H2 may consult the 777 lower-layer PCE. After the NMS is informed or notices that the 778 lower-layer LSP has been established, it can request the head-end 779 LSR (H1) to set up the higher-layer end-to-end LSP between H1 and H4. 781 Thus, cooperation between the high layer and lower layer is 782 performed though communication between NMS and VNTM. An example of 783 such a procedure of the NSM-VNTM cooperation model is as follows 784 using the example network in Figure 6. 786 Step 1: NMS requests a head-end LSR (H1) to set up a higher-layer 787 LSP between H1 and H4 without specifying any route. 789 Step 2: H1 (PCC) requests PCE to compute a path between H2 and H3. 791 Step 3: The path computation fails because there is no TE link 792 across the lower-layer network. 794 Step 4: H1 (PCC) notifies NMS. The notification may include an 795 indication that there is no TE link between H2 and H4. 797 Step 5: NMS suggests (or requests) to VNTM that a new TE link 798 connecting H2 and H3 would be useful. The NMS notifies VNTM that it 799 will be waiting for the TE link to be created. VNTM considers 801 Oki et al Expires December 2008 16 802 whether lower-layer LSPs should be established if necessary and if 803 acceptable within VNTM's policy constraints. 805 Step 6: VNTM requests the lower-layer PCE for path computation. 807 Step 7: VNTM requests the ingress LSR in the lower-layer network 808 (H2) to establish a lower-layer LSP. The request message includes a 809 lower-layer LSP route obtained from the lower-layer PCE responsible 810 for the lower-layer network. 812 Step 5: H2 signals the lower-layer LSP. 814 Step 6: If the lower-layer LSP setup is successful, H2 notifies VNTM 815 that the LSP is complete and supplies the tunnel information. 817 Step 7: H2 advertises the new LSP as a TE link in the higher-layer 818 network routing instance. 820 Step 8: VNTM notifies NMS that the underlying lower-layer LSP has 821 been set up, and NMS notices the new TE link advertisement. 823 Step 9: NMS again requests H1 to set up a higher-layer LSP between 824 H1 and H4. 826 Step 10: H1 requests the higher-layer PCE to compute a path and 827 obtains a successful result that includes the higher-layer route 828 that is specified as H1-H2-H3-H4, where all hops are strict. 830 Step 11: H1 initiates signaling with the computed path H2-H3-H4 to 831 establish the higher-layer LSP. 833 4.2.4. Possible Combinations of Inter-Layer Path Computation and Inter- 834 Layer Path Control Models 836 Table 1 summarizes the possible combinations of inter-layer path 837 computation and inter-layer path control models. There are three 838 inter-layer path computation models: the single PCE path computation 839 model; the multiple PCE path computation with inter-PCE 840 communication model; and the multiple PCE path computation without 841 inter-PCE communication model. There are also three inter-layer path 842 control models: the PCE-VNTM cooperation model; the higher-layer 843 signaling trigger model; and the NMS-VNTM cooperation model. All the 844 combinations between inter-layer path computation and path control 845 models, except for the combination of the multiple PCE path 846 computation with inter-layer PCE communication model and the NMS- 847 VNTM cooperation model are possible. 849 Table 1: Possible Combinations of Inter-Layer Path Computation and 850 Inter-Layer Path Control Models. 852 Oki et al Expires December 2008 17 853 ---------------------------------------------------- 854 | Path computation | Single | Multiple | Multiple | 855 | \ | PCE | PCE with | PCE w/o | 856 | Path control | | inter-PCE | inter-PCE | 857 |----------------------------------------------------| 858 | PCE-VNTM | Yes | Yes | Yes | 859 | cooperation | | | | 860 |----------------------------+-----------+-----------| 861 | Higher-layer | Yes | Yes | Yes | 862 | signaling trigger | | | | 863 |----------------------------------------------------| 864 | NMS-VNTM | No* | No | Yes | 865 | cooperation | | | | 866 -------------------+--------+-----------+----------- 868 *Note that, in case of NSM-VNTM cooperation and single PCE inter- 869 layer path computation, the PCE function used by NMS and VNTM may be 870 collocated, but it will operate on separate TEDs. 872 5. Choosing Between Inter-Layer Path Control Models 874 This section compares the cooperation model between PCE and VNTM, 875 and the higher-layer signaling trigger model, in terms of VNTM 876 functions, border LSR functions, higher-layer signaling time, and 877 complexity (in terms of number of states and messages). An 878 appropriate model may be chosen by a network operator in different 879 deployment scenarios taking all these considerations into account. 881 5.1. VNTM Functions 883 VNTM functions are required in both the PCE-VNTM cooperation model 884 and the NMS-VNTM model. In the PCE-VNTM cooperation model, 885 communications are required between PCE and VNTM, and between VNTM 886 and a border LSR. Communications between a higher-layer PCE and the 887 VNTM are event notifications and may use SNMP notifications from the 888 PCE MIB modules [PCE-MIB]. Note that communications from the PCE to 889 the VNTM do not have any acknowledgements. 891 VNTM-LSR communication can use existing GMPLS-TE MIB modules 892 [RFC4802]. In the NMS-VNTM cooperation model, communications are 893 required between NMS and VNTM, between VNTM and a lower-layer PCE, 894 and between VNTM and a border LSR. NMS-VNTM communications, which 895 are out of scope of this document, may use proprietary or standard 896 interfaces, some of which, for example, are standardized in TM Forum. 897 Communications between VNTM and a lower-layer PCE use PCEP [PCEP]. 898 VNTM-LSR communications are the same as in the PCE-VNTM cooperation 899 model. 901 Oki et al Expires December 2008 18 902 In the higher-layer signaling trigger model, no VNTM functions are 903 required, and no such communications are required. 905 If VNTM functions are not supported in a multi-layer network, the 906 higher-layer signaling trigger model has to be chosen. 908 The inclusion of VNTM functionality allows better coordination of 909 cross-network LSP tunnels and application of network-wide policy 910 that is far harder to apply in the trigger model since it requires 911 the coordination of policy between multiple border LSRs. 913 5.2. Border LSR Functions 915 In the higher-layer signaling trigger model, a border LSR must have 916 some additional functions. It needs to trigger lower-layer signaling 917 when a higher-layer path message suggests that lower-layer LSP setup 918 is necessary. Note that, if virtual TE links are used, the border 919 LSRs must be capable of triggered signaling. 921 If the ERO in the higher-layer Path message uses a mono-layer path 922 or specifies a loose hop, the border LSR receiving the Path message 923 must obtain a lower-layer route either by consulting a PCE or by 924 using its own computation engine. If the ERO in the higher-layer 925 Path message uses a multi-layer path, the border LSR must judge 926 whether lower-layer signaling is needed. 928 In the PCE-VNTM cooperation model and the NMS-VNTM model, no 929 additional function for triggered signaling is required in border 930 LSRs except when virtual TE links are used. Therefore, if these 931 additional functions are not supported in border LSRs, where a 932 border LSR is controlled by VNTM to set up a lower-layer LSP, the 933 cooperation model has to be chosen. 935 5.3. Complete Inter-Layer LSP Setup Time 937 The complete inter-layer LSP setup time includes inter-layer path 938 computation, signaling, and the communication time between PCC and 939 PCE, PCE and VNTM, NSM and VNTM, and VNTM and LSR. In the PCE-VNTM 940 cooperation model and the NMS-VNTM model, the additional 941 communication steps are required compared with the higher-layer 942 signaling trigger model. On the other hand, the cooperation model 943 provides better control at the cost of a longer service setup time. 945 Note that, in terms of higher-layer signaling time, in the higher- 946 layer signaling trigger model, the required time from when higher- 947 layer signaling starts to when it is completed, is more than that of 948 the cooperation model except when a virtual TE link is included. 949 This is because the former model requires lower-layer signaling to 950 take place during the higher-layer signaling. A higher-layer ingress 952 Oki et al Expires December 2008 19 953 LSR has to wait for more time until the higher-layer signaling is 954 completed. A higher-layer ingress LSR is required to be tolerant of 955 longer path setup times. 957 5.4. Network Complexity 959 If the higher and lower layer networks have multiple interconnects 960 then optimal path computation for end-to-end LSPs that cross the 961 layer boundaries is non-trivial. The higher layer LSP must be routed 962 to the correct layer border nodes to achieve optimality in both 963 layers. 965 Where the lower layer LSPs are advertised into the higher layer 966 network as TE links, the computation can be resolved in the higher 967 layer network. Care needs to be taken in the allocation of TE 968 metrics (i.e., costs) to the lower layer LSPs as they are advertised 969 as TE links into the higher layer network, and this might be a 970 function for a VNT Manager component. Similarly, attention should be 971 given to the fact that the LSPs crossing the lower-layer network 972 might share points of common failure (e.g., they might traverse the 973 same link in the lower-layer network) and the shared risk link 974 groups (SRLGs) for the TE links advertised in the higher-layer must 975 be set accordingly. 977 In the single PCE model an end-to-end path can be found in a single 978 computation because there is full visibility into both layers and 979 all possible paths through all layer interconnects can be considered. 981 Where PCEs cooperate to determine a path, an iterative computation 982 model such as [BRPC] can be used to select an optimal path across 983 layers. 985 When non-cooperating mono-layer PCEs, each of which is in a separate 986 layer, are used with the triggered LSP model, it is not possible to 987 determine the best border LSRs, and connectivity cannot even be 988 guaranteed. In this case, signaling crankback techniques [RFC4920] 989 can be used to eventually achieve connectivity, but optimality is 990 far harder to achieve. In this model, a PCE that is requested by an 991 ingress LSR to compute a path expects a border LSR to setup a lower- 992 layer path triggered by high-layer signaling when there is no TE 993 link between border LSRs. 995 5.5. Separation of Layer Management 997 Many network operators may want to provide a clear separation 998 between the management of the different layer networks. In some 999 cases, the lower layer network may come from a separate commercial 1000 arm of an organization or from a different corporate body entirely. 1001 In these cases, the policy applied to the establishment of LSPs in 1003 Oki et al Expires December 2008 20 1004 the lower-layer network and to the advertisement of these LSPs as TE 1005 links in the higher-layer network will reflect commercial agreements 1006 and security concerns (see next section). Since the capacity of the 1007 LSPs in the lower-layer network are likely to be significantly 1008 larger than those in the client higher-layer network (multiplex- 1009 server model), the administrator of the lower-layer network may want 1010 to exercise caution before allowing a single small demand in the 1011 higher layer to tie up valuable resources in the lower layer. 1013 The necessary policy points for this separation of administration 1014 and management are more easily achieved through the VNTM approach 1015 than by using triggered signaling. In effect, the VNTM is the 1016 coordination point for all lower layer LSPs and can be closely tied 1017 to a human operator as well as to policy and billing. Such a model 1018 can also be achieved using triggered signaling. 1020 6. Stability Considerations 1022 Inter-layer traffic engineering needs to be managed and operated 1023 correctly to avoid introducing instability problems. 1025 Lower-layer LSPs are likely, by the nature of the technologies used 1026 in layered networks, to be of considerably higher capacity than the 1027 higher-layer LSPs. This has the benefit of allowing multiple higher- 1028 layer LSPs to be carried across the lower-layer network in a single 1029 lower-layer LSP. However, when a new lower-layer LSP is set up to 1030 support a request for a higher-layer LSP because there is no 1031 suitable route in the higher-layer network, it may be the case that 1032 a very large LSP is established in support of a very small traffic 1033 demand. Further, if the higher-layer LSP is short-lived, the 1034 requirement for the lower-layer LSP will go away leaving it either 1035 in-place but unused, or requiring it to be torn down. This may cause 1036 excessive tie-up of unused lower-layer network resources, or may 1037 introduce instability into the lower-layer network. It is important 1038 that appropriate policy controls or configuration features are 1039 available so that demand-led establishment of lower-layer LSPs (the 1040 so-called "bandwidth on demand") is filtered according to the 1041 requirements of the lower-layer network. 1043 When a higher-layer LSP is requested to be set up, a new lower-layer 1044 LSP may be established if there is no route with the requested 1045 bandwidth for the higher-layer LSP. After the lower-layer LSP is 1046 established, existing high-layer LSPs could be re-routed to use the 1047 newly established lower-layer LSP if using the lower-layer LSP 1048 provides a better route than that taken by the existing LSPs. This 1049 re-routing may result in lower utilization of other lower-layer LSPs 1050 that used to carry the existing higher-layer LSPs. When the 1051 utilization of a lower-layer LSP drops below a threshold (or drops 1052 to zero), the LSP is deleted according to lower-layer network policy. 1054 Oki et al Expires December 2008 21 1055 But consider that some other new higher-layer LSP may be requested 1056 at once requiring the establishment or re-establishment of a lower- 1057 layer LSP. This, in turn, may cause higher-layer re-routing making 1058 other lower-layer LSPs under-utilized, in a cyclic manner. This 1059 behavior makes the higher-layer network unstable. 1061 Inter-layer traffic engineering needs to avoid network instability 1062 problems. To solve the problem, network operators may have some 1063 constraints achieved through configuration or policy, where inter- 1064 layer path control actions such as re-routing and deletion of lower- 1065 layer LSPs are not easily allowed. For example, threshold parameters 1066 for the actions are determined so that hysteresis control behavior 1067 can be performed. 1069 7. Manageability Considerations 1071 Inter-layer MPLS or GMPLS traffic engineering must be considered in 1072 the light of administrative and management boundaries that are 1073 likely to coincide with the technology layer boundaries. That is, 1074 each layer network may possibly be under separate management control 1075 with different policies applied to the networks, and specific policy 1076 rules applied at the boundaries between the layers. 1078 Management mechanisms are required to make sure that inter-layer 1079 traffic engineering can be applied without violating the policy and 1080 administrative operational procedures used by the network operators. 1082 7.1. Control of Function and Policy 1084 7.1.1. Control of Inter-Layer Computation Function 1086 PCE implementations that are capable of supporting inter-layer 1087 computations should provide a configuration switch to allow support 1088 of inter-layer path computations to be enabled or disabled. 1090 When a PCE is capable of, and configured for, inter-layer path 1091 computation, it should advertise this capability as described in 1092 [PCE-INTER-LAYER-REQ], but this advertisement may be suppressed 1093 through a secondary configuration option. 1095 7.1.2. Control of Per-Layer Policy 1097 Where each layer is operated as a separate network, the operators 1098 must have control over the policies applicable to each network, and 1099 that control should be independent of the control of policies for 1100 other networks. 1102 Where multiple layers are operated as part of the same network, the 1103 operator may have a single point of control for an integrated policy 1105 Oki et al Expires December 2008 22 1106 across all layers, or may have control of separate policies for each 1107 layer. 1109 7.1.3. Control of Inter-Layer Policy 1111 Probably the most important issue for inter-layer traffic 1112 engineering is inter-layer policy. This may cover issues such as 1113 under what circumstances a lower layer LSP may be established to 1114 provide connectivity in the higher layer network. Inter-layer policy 1115 may exist to protect the lower layer (high capacity) network from 1116 very dynamic changes in micro-demand in the higher layer network 1117 (see Section 6). It may also be used to ensure appropriate billing 1118 for the lower layer LSPs. 1120 Inter-layer policy should include the definition of the points of 1121 connectivity between the network layers, the inter-layer TE model to 1122 be applied (for example, the selection between the models described 1123 in this document), and the rules for path computation and LSP setup. 1124 Where inter-layer policy is defined, it must be used consistently 1125 throughout the network, and should be made available to the PCEs 1126 that perform inter-layer computation so that appropriate paths are 1127 computed. Mechanisms for providing policy information to PCEs are 1128 discussed in [PCE-POLICY]. 1130 VNTM may provide a suitable functional component for the 1131 implementation of inter-layer policy. Use of VNTM allows the 1132 administrator of the lower layer network to apply inter-layer policy 1133 without making that policy public to the operator of the higher 1134 layer network. Similarly, a cooperative PCE model (with or without 1135 inter-PCE communication) allows separate application of policy 1136 during the selection of paths. 1138 7.2. Information and Data Models 1140 Any protocol extensions to support inter-layer computations must be 1141 accompanied by the definition of MIB objects for the control and 1142 monitoring of the protocol extensions. These MIB object definitions 1143 will conventionally be placed in a separate document from that which 1144 defines the protocol extensions. The MIB objects may be provided in 1145 the same MIB module as used for the management of the base protocol 1146 that is being extended. 1148 Note that inter-layer PCE functions should, themselves, be 1149 manageable through MIB modules. In general, this means that the MIB 1150 modules for managing PCEs should include objects that can be used to 1151 select and report on the inter-layer behavior of each PCE. It may 1152 also be appropriate to provide statistical information that reports 1153 on the inter-layer PCE interactions. 1155 Oki et al Expires December 2008 23 1156 Where there are communications between a PCE and VNTM, additional 1157 MIB modules may be necessary to manage and model these 1158 communications. On the other hand, if these communications are 1159 provided through MIB notifications, then those notifications must 1160 form part of a MIB module definition. 1162 Policy Information Base (PIB) modules may also be appropriate to 1163 meet the requirements as described in Section 6.1 and [PCE-POLICY]. 1165 7.3. Liveness Detection and Monitoring 1167 Liveness detection and monitoring is required between PCEs and PCCs, 1168 and between cooperating PCEs as described in [RFC4657]. Inter-layer 1169 traffic engineering does not change this requirement. 1171 Where there are communications between a PCE and VNTM, additional 1172 liveness detection and monitoring may be required to allow the PCE 1173 to know whether the VNTM has received its information about failed 1174 path computations and desired TE links. 1176 When a lower layer LSP fails (perhaps because of the failure of a 1177 lower layer network resource) or is torn down as a result of lower 1178 layer network policy, the consequent change should be reported to 1179 the higher layer as a change in the VNT, although inter-layer policy 1180 may dictate that such a change is hidden from the higher layer. The 1181 higher layer network may additionally operate data plane failure 1182 techniques over the virtual TE links in the VNT in order to monitor 1183 the liveness of the connections, but it should be noted that if the 1184 virtual TE link is advertised but not yet established as an LSP in 1185 the lower layer, such higher layer OAM techniques will report a 1186 failure. 1188 7.4. Verifying Correct Operation 1190 The correct operation of the PCE computations and interactions are 1191 described in [RFC4657], [PCEP], etc., and does not need further 1192 discussion here. 1194 The correct operation of inter-layer traffic engineering may be 1195 measured in several ways. First, the failure rate of higher layer 1196 path computations owing to an absence of connectivity across the 1197 lower layer may be observed as a measure of the effectiveness of the 1198 VNT and may be reported as part of the data model described in 1199 Section 6.2. Second, the rate of change of the VNT (i.e., the rate 1200 of establishment and removal of higher layer TE links based on lower 1201 layer LSPs) may be seen as a measure of the correct planning of the 1202 VNT and may also form part of the data model described in Section 1203 6.2. Third, network resource utilization in the lower layer (both in 1204 terms of resource congestion, and in consideration of under 1206 Oki et al Expires December 2008 24 1207 utilization of LSPs set up to support virtual TE links) can indicate 1208 whether effective inter-layer traffic engineering is being applied. 1210 Management tools in the higher layer network should provide a view 1211 of which TE links are provided using planned lower layer capacity 1212 (that is, physical connectivity or permanent connections) and which 1213 TE links are dynamic and achieved through inter-layer traffic 1214 engineering. Management tools in the lower layer should provide a 1215 view of the use to which lower layer LSPs are put including whether 1216 they have been set up to support TE links in a VNT, and if so for 1217 which client network. 1219 7.5. Requirements on Other Protocols and Functional Components 1221 There are no protocols or protocol extensions defined in this 1222 document and so it is not appropriate to consider specific 1223 interactions with other protocols. It should be noted, however, that 1224 the objective of this document is to enable inter-layer traffic 1225 engineering for MPLS-TE and GMPLS networks and so it is assumed that 1226 the necessary features for inter-layer operation of routing and 1227 signaling protocols are in existence or will be developed. 1229 This document introduces roles for various network components (PCE, 1230 LSR, NMS, and VNTM). Those components are all required to play their 1231 part in order that inter-layer TE can be effective. That is, an 1232 inter-layer TE model that assumes the presence and operation of any 1233 of these functional components obviously depends on those components 1234 to fulfill their roles as described in this document. 1236 7.6. Impact on Network Operation 1238 The use of a PCE to compute inter-layer paths is expected to have a 1239 significant and beneficial impact on network operations. Inter-layer 1240 traffic engineering of itself may provide additional flexibility to 1241 the higher layer network while allowing the lower layer network to 1242 support more and varied client networks in a more efficient way. 1243 Traffic engineering across network layers allows optimal use to be 1244 made of network resources in all layers. 1246 The use of PCE as described in this document may also have a 1247 beneficial effect on the loading of PCEs responsible for performing 1248 inter-layer path computation while facilitating a more independent 1249 operation model for the network layers. 1251 8. Security Considerations 1253 Inter-layer traffic engineering with PCE raises new security issues 1254 in all three inter-layer path control models. 1256 Oki et al Expires December 2008 25 1257 In the cooperation model between PCE and VNTM, when the PCE 1258 determines that a new lower-layer LSP is desirable, communications 1259 are needed between the PCE and VNTM and between VNTM and a border 1260 LSR. In this case, these communications should have security 1261 mechanisms to ensure authenticity, privacy and integrity of the 1262 information exchanged. In particular, it is important to protect 1263 against false triggers for LSP setup in the lower-layer network 1264 since such falsification could tie up lower-layer network resources 1265 (achieving a denial of service attack on the lower-layer network and 1266 on the higher layer network that is attempting to use it) and could 1267 result in incorrect billing for services provided by the lower-layer 1268 network. Where the PCE MIB modules are used to provide the 1269 notification exchanges between the higher-layer PCE and the VNTM, 1270 SNMP v3 should be used to ensure adequate security. Additionally, 1271 the VNTM should provide configurable or dynamic policy functions so 1272 that the VNTM behavior upon receiving notification from a higher- 1273 layer PCE can be controlled. 1275 The main security concern in the higher-layer signaling trigger 1276 model is related to confidentiality. The PCE may inform a higher- 1277 layer PCC about a multi-layer path that includes an ERO in the 1278 lower-layer network, but the PCC may not have TE topology visibility 1279 into the lower-layer network and might not be trusted with this 1280 information. A loose hop across the lower-layer network could be 1281 used, but this decreases the benefit of multi-layer traffic 1282 engineering. A better alternative may be to mask the lower-layer 1283 path using a path key [PATH-KEY] that can be expanded within the 1284 lower-layer network. Consideration must also be given to filtering 1285 the recorded path information from the lower-layer - see [RFC4208], 1286 for example. 1288 Additionally, in the higher-layer signaling trigger model, 1289 consideration must be given to the security of signaling at the 1290 inter-layer interface since the layers may belong to different 1291 administrative or trust domains. 1293 The NMS-VNTM cooperation model introduces communication between the 1294 NMS and the VNTM. Both of these components belong to the management 1295 plane and the communication is out of scope for this PCE document. 1296 Note that the NMS-VNTM cooperation model may be considered to 1297 address many security and policy concerns because the control and 1298 decision-making is placed within the sphere of influence of the 1299 operator in contrast to the more dynamic mechanisms of the other 1300 models. However, the security issues have simply moved, and will 1301 require authentication of operators and of policy. 1303 Security issues may also exist when a single PCE is granted full 1304 visibility of TE information that applies to multiple layers. Any 1305 access to the single PCE will immediately gain access to the 1307 Oki et al Expires December 2008 26 1308 topology information for all network layers - effectively, a single 1309 security breach can expose information that requires multiple 1310 breaches in other models. 1312 Note that, as described in Section 6, inter-layer TE can cause 1313 network stability issues, and this could be leveraged to attack 1314 either the higher or lower layer network. Precautionary measures, 1315 such as those described in Section 7.1.3, can be applied through 1316 policy or configuration to dampen any network oscillations. 1318 9. Acknowledgments 1320 We would like to thank Kohei Shiomoto, Ichiro Inoue, Julien Meuric, 1321 Jean-Francois Peltier, Young Lee, Ina Minei, and Jean-Philippe 1322 Vasseur for their useful comments. 1324 10. References 1326 10.1. Normative Reference 1328 [RFC3031] Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol 1329 Label Switching Architecture", RFC 3031, January 2001. 1331 [RFC3945] Mannie, E., "Generalized Multi-Protocol Label Switching 1332 Architecture", RFC 3945, October 2004. 1334 [RFC4206] K. Kompella and Y. Rekhter, "Label Switched Paths (LSP) 1335 Hierarchy with Generalized Multi-Protocol Label Switching (GMPLS) 1336 Traffic Engineering (TE)", RFC 4206, October 2005. 1338 10.2. Informative Reference 1340 [MLN-REQ] K. Shiomoto et al., "Requirements for GMPLS-based multi- 1341 region networks (MRN)", draft-ietf-ccamp-gmpls-mln-reqs (work in 1342 progress). 1344 [PCE-INTER-LAYER-REQ] E. Oki et al., "PCC-PCE Communication 1345 Requirements for Inter-Layer Traffic Engineering", draft-ietf-pce- 1346 inter-layer-req (work in progress). 1348 [BRPC] JP. Vasseur et al., "A Backward Recursive PCE-based 1349 Computation (BRPC) procedure to compute shortest inter-domain 1350 Traffic Engineering Label Switched Paths", draft-ietf-pce-brpc (work 1351 in progress). 1353 [RFC4920] A. Farrel et al., "Crankback Signaling Extensions for MPLS 1354 and GMPLS RSVP-TE", RFC 4920, July 2007. 1356 Oki et al Expires December 2008 27 1358 [PCE-MIB] E. Stephan, "Definitions of Textual Conventions for Path 1359 Computation Element", draft-ietf-pce-tc-mib.txt (work in progress). 1361 [RFC4802] A. Farrel and T. Nadeau, "Generalized Multiprotocol Label 1362 Switching (GMPLS) Traffic Engineering Management Information Base", 1363 RFC 4802, February 2007. 1365 [PATH-KEY] Bradford, R., Vasseur, JP., and Farrel, A., "Preserving 1366 Topology Confidentiality in Inter-Domain Path Computation Using a 1367 Key Based Mechanism", draft-ietf-pce-path-key, work in progress. 1369 [RFC4208] Swallow, G., Drake, J., Ishimatsu, H., and Rekhter, Y., " 1370 Generalized Multiprotocol Label Switching (GMPLS) User-Network 1371 Interface (UNI): Resource ReserVation Protocol-Traffic Engineering 1372 (RSVP-TE) Support for the Overlay Model", RFC 4208, October 2005. 1374 [RFC4655] A. Farrel, JP. Vasseur and J. Ash, "A Path Computation 1375 Element (PCE)-Based Architecture", RFC 4655, August 2006. 1377 [RFC4657] J. Ash and J.L. Le Roux (Ed.), "Path Computation Element 1378 (PCE) Communication Protocol Generic Requirements", RFC 4657, 1379 September 2006. 1381 [PCE-POLICY] Bryskin, I., Papadimitriou, P., and Berger, L., 1382 "Policy-Enabled Path Computation Framework", draft-ietf-pce-policy- 1383 enabled-path-comp, (work in progress). 1385 [PCEP] JP. Vasseur et al, "Path Computation Element (PCE) 1386 communication Protocol (PCEP) - Version 1 -" draft-ietf-pce-pcep 1387 (work in progress). 1389 11. Authors' Addresses 1391 Eiji Oki 1392 NTT 1393 3-9-11 Midori-cho, 1394 Musashino-shi, Tokyo 180-8585, Japan 1395 Email: oki.eiji@lab.ntt.co.jp 1397 Tomonori Takeda 1398 NTT 1399 3-9-11 Midori-cho, 1400 Musashino-shi, Tokyo 180-8585, Japan 1401 Email: takeda.tomonori@lab.ntt.co.jp 1403 Jean-Louis Le Roux 1404 France Telecom R&D, 1405 Av Pierre Marzin, 1407 Oki et al Expires December 2008 28 1408 22300 Lannion, France 1409 Email: jeanlouis.leroux@orange-ftgroup.com 1411 Adrian Farrel 1412 Old Dog Consulting 1413 Email: adrian@olddog.co.uk 1415 12. Intellectual Property Statement 1417 The IETF takes no position regarding the validity or scope of any 1418 Intellectual Property Rights or other rights that might be claimed 1419 to pertain to the implementation or use of the technology described 1420 in this document or the extent to which any license under such 1421 rights might or might not be available; nor does it represent that 1422 it has made any independent effort to identify any such rights. 1423 Information on the procedures with respect to rights in RFC 1424 documents can be found in BCP 78 and BCP 79. 1426 Copies of IPR disclosures made to the IETF Secretariat and any 1427 assurances of licenses to be made available, or the result of an 1428 attempt made to obtain a general license or permission for the use 1429 of such proprietary rights by implementers or users of this 1430 specification can be obtained from the IETF on-line IPR repository 1431 at http://www.ietf.org/ipr. 1433 The IETF invites any interested party to bring to its attention any 1434 copyrights, patents or patent applications, or other proprietary 1435 rights that may cover technology that may be required to implement 1436 this standard. Please address the information to the IETF at ietf- 1437 ipr@ietf.org. 1439 Disclaimer of Validity 1441 This document and the information contained herein are provided on 1442 an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE 1443 REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE 1444 IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL 1445 WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY 1446 WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE 1447 ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS 1448 FOR A PARTICULAR PURPOSE. 1450 Copyright Statement 1452 Copyright (C) The IETF Trust (2008). 1454 This document is subject to the rights, licenses and restrictions 1455 contained in BCP 78, and except as set forth therein, the authors 1456 retain all their rights. 1458 Oki et al Expires December 2008 29